MFC r345744, r348122, r355247

r345744: random(4): Attempt to persist entropy promptly
r348122: save-entropy(8), rc.d/random: Set nodump flag
r355247: Reduce disk write load in /usr/libexec/save-entropy.

libexec/rc/rc.d/random

@@ -25,7 +25,9 @@ save_dev_random()
 	for f ; do
 		debug "saving entropy to $f"
 		dd if=/dev/random of="$f" bs=4096 count=1 status=none &&
-			chmod 600 "$f"
+			( chflags nodump "$f" 2>/dev/null || : ) &&
+			chmod 600 "$f" &&
+			fsync "$f" "$(dirname "$f")"
 	done
 	umask ${oumask}
 }
@@ -98,7 +100,7 @@ random_stop()
 	[Nn][Oo])
 		;;
 	*)
-		echo -n 'Writing entropy file:'
+		echo -n 'Writing entropy file: '
 		rm -f ${entropy_file} 2> /dev/null
 		oumask=`umask`
 		umask 077
@@ -117,9 +119,7 @@ random_stop()
 			warn 'write failed (read-only fs?)'
 			;;
 		*)
-			dd if=/dev/random of=${entropy_file_confirmed} \
-			    bs=4096 count=1 2> /dev/null ||
-			    warn 'write failed (unwriteable file or full fs?)'
+			save_dev_random "${entropy_file_confirmed}"
 			echo '.'
 			;;
 		esac
@@ -130,7 +130,7 @@ random_stop()
 	[Nn][Oo])
 		;;
 	*)
-		echo -n 'Writing early boot entropy file:'
+		echo -n 'Writing early boot entropy file: '
 		rm -f ${entropy_boot_file} 2> /dev/null
 		oumask=`umask`
 		umask 077
@@ -142,9 +142,7 @@ random_stop()
 			warn 'write failed (read-only fs?)'
 			;;
 		*)
-			dd if=/dev/random of=${entropy_boot_file_confirmed} \
-			    bs=4096 count=1 2> /dev/null ||
-			    warn 'write failed (unwriteable file or full fs?)'
+			save_dev_random "${entropy_boot_file_confirmed}"
 			echo '.'
 			;;
 		esac

libexec/save-entropy/save-entropy.sh

@@ -71,24 +71,63 @@ cd "${entropy_dir}" || {
 
 for f in saved-entropy.*; do
 	case "${f}" in saved-entropy.\*) continue ;; esac	# No files match
-	[ ${f#saved-entropy\.} -ge ${entropy_save_num} ] && unlink ${f}
+	[ ${f#saved-entropy\.} -gt ${entropy_save_num} ] && unlink ${f}
 done
 
-umask 377
+umask 177
 
-n=$(( ${entropy_save_num} - 1 ))
-while [ ${n} -ge 1 ]; do
-	if [ -f "saved-entropy.${n}" ]; then
-		mv "saved-entropy.${n}" "saved-entropy.$(( ${n} + 1 ))"
-	elif [ -e "saved-entropy.${n}" -o -L "saved-entropy.${n}" ]; then
+# Scan slots [1..$entropy_save_num), picking an empty slot or the oldest
+# existing file if no empty slot was available.
+#
+# 1. Find out the first regular file or empty slot (and its serial number)
+#
+n=1
+while [ ${n} -le ${entropy_save_num} ]; do
+	save_file="saved-entropy.${n}"
+	if [ ! -e "${save_file}" -o -f "${save_file}" ]; then
+		break
+	else
 		logger -is -t "$0" \
-	"${entropy_dir}/saved-entropy.${n}" is not a regular file, and so \
-	    it will not be rotated. Entropy file rotation is aborted.
-		exit 1
+		    "${save_file}" is not a regular file, skipped.
 	fi
-	n=$(( ${n} - 1 ))
+	n=$(( ${n} + 1 ))
 done
+#
+# 2. Start from (serial number + 1), and check if the slot is empty
+#    or is an older regular file, update save_file pointer in either
+#    case, and break early if we found an empty slot.
+#
+if [ -f ${save_file} ]; then
+	n=$(( ${n} + 1 ))
+	while [ ${n} -le ${entropy_save_num} ]; do
+		next_file=saved-entropy.${n}
+		if [ -f "${next_file}" ]; then
+			[ "${next_file}" -ot "${save_file}" ] && \
+			    save_file="${next_file}"
+		elif [ ! -e "${next_file}" ]; then
+			save_file="${next_file}"
+			break
+		else
+			logger -is -t "$0" \
+			    "${next_file}" is not a regular file, skipped.
+		fi
+		n=$(( ${n} + 1 ))
+	done
+fi
+#
+# 3. Check if the pointer we have in hand is really a regular file or
+#    an empty slot, and bail out as that means there is no available slot.
+#
+if [ -e "${save_file}" -a ! -f "${save_file}" ]; then
+	logger -is -t "$0" \
+		No available slot in "${entropy_dir}", save entropy is aborted.
+	exit 1
+fi
 
-dd if=/dev/random of=saved-entropy.1 bs=${entropy_save_sz} count=1 2>/dev/null
+# Save entropy to the selected slot.
+chmod 600 "${save_file}" 2>/dev/null || :
+dd if=/dev/random of="${save_file}" bs=${entropy_save_sz} count=1 2>/dev/null
+chflags nodump "${save_file}" 2>/dev/null || :
+fsync "${save_file}" "."
 
 exit 0